Updated x11-server packages fix security vulnerability
Publication date: 21 Aug 2015Modification date: 21 Aug 2015
Type: security
Affected Mageia releases : 5
CVE: CVE-2015-3164
Description
The authentication setup in XWayland 1.16.x and 1.17.x before 1.17.2 starts the server in non-authenticating mode, which allows local users to read from or send information to arbitrary X11 clients via vectors involving a UNIX socket (CVE-2015-3164).
References
SRPMS
5/core
- x11-server-1.16.4-2.1.mga5